Published: 30/01/2014 Updated: 29/08/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Buffer overflow in the IconCreate method in an ActiveX control in the DaumGame ActiveX plugin 1.1.0.4 and 1.1.0.5 allows remote malicious users to execute arbitrary code via a long string, as exploited in the wild in January 2014.

Vulnerable Product	Search on Vulmon	Subscribe to Product
daum communications daumgame activex control 1.1.0.5
daum communications daumgame activex control 1.1.0.4

<!-- Trustwave SpiderLabs Security Advisory TWSL2014-002: Buffer Overflow Vulnerability in DaumGame ActiveX Published: 01/07/2014 Version: 11 Vendor: Daum (daumnet) Product: Daum Game ActiveX Version affected: 1105, 1104 Product description: DaumGame ActiveX of Daum Communications is a plugin that is required for playing in Daum Game ...

DaumGame active-x control versions 1105 and 1104 suffer from a buffer overflow vulnerability Proof of concept code included ...

CWE-119 https://www.trustwave.com/spiderlabs/advisories/TWSL2014-002.txt http://blog.spiderlabs.com/2014/01/daumgame-activex-0day.html http://www.exploit-db.com/exploits/31179 http://packetstormsecurity.com/files/124886 http://seclists.org/fulldisclosure/2014/Jan/132 https://exchange.xforce.ibmcloud.com/vulnerabilities/90588 https://nvd.nist.gov https://www.exploit-db.com/exploits/31179/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-7246

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect